Google still working on squashing IM bug

Google is still tussling with a scary and disconcerting glitch that caused its IM apps to route messages to the incorrect recipients.

Although Google said it repaired the delivery malfunction, the company still hasn't declared the problem fully solved, more than 36 hours after the bug struck users of Talk, Chat and Hangouts.

It's not clear how many people were affected, but the bug is chilling because of its potential for personal and professional embarrassment and harm to people's privacy.

Google's last update was posted to the Apps Status site at 2:30 p.m. U.S. Eastern Time on Thursday, and gave vague and seemingly contradictory information.

For example, like the posts preceding it, the latest one didn't even provide a basic description of the problem, whose nature became known only through complaints posted on discussion forums and social media outlets by frantic and horrified users.

Moreover, the post states that Google Talk has "already been restored for some users" when a previous status update had indicated the routing problem had been solved and that Talk and the other IM services could be used without fear of running into the glitch again.

In addition, the use of the verb "restored" implies that the IM services either went offline or were taken offline by Google, although it's not clear that this happened.

The post also mentions that Google is "currently applying a fix" and will announce when "full service is restored." Adding to the confusion, the post refers only to Talk and not to the other Google IM services, so it's not clear whether only Talk is getting fixed but not the others.

A Google spokeswoman said via email on Thursday that those affected were "some people using Google's instant messaging services." She declined to clarify or comment further.

According to Google, the IM apps malfunctioned between 1 a.m. and 4:30 a.m. U.S. Eastern Time on Thursday.

The company hasn't given an estimate of how many messages were delivered incorrectly and how many users were affected.

Google's IM services are used by individuals for personal communications and by businesses, schools and government agencies as part of the company's Google Apps communication and collaboration suite.

Several Google Apps administrators have chimed in about the problem online, including one who called the incident "a really big deal" in a message posted on the official Google Chat discussion forum.

"Certainly, it shakes peoples' confidence. Moreover, the fact that the [Apps Status] dashboard provides conflicting information really makes it feel like amateur hour at the Googleplex," this person wrote.

"Did they really find the problem and resolve it?" the admin added. "Google needs to provide some detailed information and over communicate on this to gain some trust/confidence that the issue is solved. My next step, I suppose, is to shut down chat altogether to avoid any further possibility of a breach of confidentiality."

Latest Videos

​Email fraud is nothing new, but online criminals have become ever more-effective at spoofing their identities to trick employees into sending them money. The Australian Centre for Cyber Security (ACSC) recorded losses of over $20M to business email compromise (BEC) attacks last year alone, up 230 percent over the previous year – and the full amount is certain to be much larger.​

No matter how robust your security, or how diligent your employees, network credentials are a free pass for cybercriminals. This is mostly because employees are relied upon for their own password management. And with more than 4.8 billion sets of stolen credentials said to be available online, odds are that at least a few of your employees’ user IDs and passwords are just waiting to be used by unscrupulous outsiders. Are you ready to stop them?

Cyber resilience will be particularly important as Australian organisations face increased pressure to quickly detect, respond to, and manage the repercussions of breaches in the wake of 2018’s Notifiable Data Breaches (NDB) scheme.

Copyright 2018 IDG Communications. ABN 14 001 592 650. All rights reserved. Reproduction in whole or in part in any form or medium without express written permission of IDG Communications is prohibited.